nextlevelbuilder GoClaw
- <= 3.13.2
A vulnerability exists in Nextlevelbuilder GoClaw versions up to 3.13.2, specifically within the exec approval tool. The issue arises from the 'isSafeBin' function in 'internal/tools/exec_approval.go', which improperly classifies certain commands as safe based solely on their binary name. This flaw allows authenticated users with operator privileges to execute commands that read from or write to the filesystem without the required human approval. The vulnerability can be exploited remotely, and public exploit scripts are available.
Exploitation of this vulnerability bypasses the intended approval process for host commands, allowing unauthorized file writes or reads within the application's workspace. This undermines the application's security model by enabling operators to execute potentially harmful commands without oversight.
To reproduce this vulnerability, upload the provided 'verification_test.py' script to the vulnerable GoClaw instance. This script will exploit the approval bypass by using the 'sort -o' command to write a file, demonstrating how the vulnerability can be used to manipulate the application's filesystem without proper authorization.
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.